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Preface 
About Qualys 


Preface 


This user guide is intended for application developers who will use the Qualys SaaS 
Detection and Response (SDR). 


About Qualys 


Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and 
compliance solutions. The Qualys Cloud Platform and its integrated apps help businesses 
simplify security operations and lower the cost of compliance by delivering critical 
security intelligence on demand and automating the full spectrum of auditing, 
compliance and protection for IT systems and web applications. 


Founded in 1999, Qualys has established strategic partnerships with leading managed 
service providers and consulting organizations including Accenture, BT, Cognizant 
Technology Solutions, Deutsche Telekom, Fujitsu, HCL, HP Enterprise, IBM, Infosys, NTT, 
Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a 
founding member of the Cloud Security Alliance (CSA). For more information, please visit 
www.qualys.com. 


Contact Qualys Support 


Qualys is committed to providing you with the most thorough support. Through online 
documentation, telephone help, and direct email support, Qualys ensures that your 
questions will be answered in the fastest time possible. We support you 7 days a week, 
24 hours a day. Access support information at www.qualys.com/support/. 
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Chapter 1 - Welcome 


Welcome to SDR API User Guide. 


Get Started 


Qualys API Framework - Learn the basics about making API requests. The base URL 
depends on the platform where your Qualys account is located. 


Authentication: SDR would use the JWT based authentication. The client will first have to 
call the /auth API to fetch the token and then make actual API calls while passing the 
token in the headers as Bearer. 


Get API Notifications 


Subscribe to our API Notifications RSS Feeds for announcements and latest news. 


From our Community 
Join our Community 


API Notifications RSS Feeds 


Qualys API Framework 
The Qualys SDR API uses the following framework. 


Request URL 


The URL for making API requests respects the following structure: 
https://<baseurl>/<module>/<object>/<object_id>/<operation> where the components 
are described below. 


«baseurl» The Qualys API server URL that you should use for API requests depends on the 
platform where your account is located. The base URL for Qualys US Platform 1 
is: https;//gateway.qg1.apps.qualys.com 


«module» The API module. 


<object> The module specific object. 


<object_id> (Optional) The module specific object ID, if appropriate. 


«operation» The request operation, such as count. 
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Qualys API Gateway URL 


The Qualys API URL you should use for API requests depends on the Qualys platform 
where your account is located. 


Click here to identify your Qualys platform and get the API URL 


This documentation uses the API gateway URL for Qualys US Platform 1 
(https://gateway.qg1.apps.qualys.com) in sample API requests. If you're on another 
platform, please replace this URL with the appropriate gateway URL for your account. 


Introduction to SaaSDR API Paradigm 


Authentication 


You must authenticate to the Qualys SDR using Qualys account credentials (user name 
and password) and get the JSON Web Token (JWT). Use the Qualys Authentication API to 
get the JWT.The client will first have to call the /auth API to fetch the token and then 
make actual API calls while passing the token in the headers as Bearer. 


Auth request: Refer, Product / Service / API On-boarding#Authentication 
For example, 


Auth request 
URL: https://gateway.p26.eng.in03.qualys.com/auth 


HTTP: POST 

Header: 

Content/Type - application/x-www-form-urlencoded 
Body 

username: «username» 


password:«password» 
token:true 
where Post is the base URL to the Qualys API server where your account is located. 


- username and password are the credentials of the user account for which you want to 
fetch SaaSDR data 


- token should be true 


The Authentication API returns a JSON Web Token (WT) which you can use for 
authentication in SaaSDR. 


Rate limit: Qgateway provides a facility of rate limiting based on the configurations done in 
QWeb BO. SaaSDR would ride on this already existing feature. 
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Using Curl 


Curl is a multi-platform command-line tool used to transfer data using multiple 
protocols. This tool is supported on many systems, including Windows, Unix, Linux and 
Mac. In this document Curl is used in the examples to build Qualys API requests using the 
HTTP over SSL (https) protocol, which is required. 


Want to learn more? Visit https://curl.haxx.se/ 
The following Curl options are used according to different situations: 


Option Description 
-X "GET" The GET method is required for all SaaSDR API requests. 


-H'Authorization: This option is used to provide a custom HTTP request header parameter for 

Bearer <token>” authentication. Provide the JSON Web Token (JWT) received from Qualys 
authentication API in the following format: Authorization: Bearer 
<token>. For information about Qualys authentication API, see 
Authentication. 


Limit your results 

Use the optional “fields” parameter for any API request to limit the amount of information 
returned in the results. Simply specify the fields you want to include or exclude in the 
output, and all other information will be filtered out (excluded). Multiple fields are comma 
separated. Limit is set between 100-200. 

Sample HTTP Response Headers 

Name : X-XSS-Protection, Value : 1; mode=block 

Name : X-Content-Type-Options, Value : nosniff 

Name : X-Permitted-Cross-Domain-Policies, Value : none 


Name : Referrer-Policy, Value : same-origin 


Name : X-Powered-By, Value : Qualys 


Name : X-Application-Context, Value : saas-svc-common 


1 
2 
3 
4 
5) Name : X-Frame-Options, Value : sameorigin 
6 
7 
8 


Name : Server, Value : Qualys 
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Steps to generate bearer token to access SDR apis: 
URI: https://gateway.p26.eng.in03.qualys.com/auth 
HTTP method: POST 


Header 

1.)Content-Type : application/x-www-form-urlencoded 
Body : 

1.)Body type : x-www-form-urlencoded 

2.)Body : 

username:<username> 

password:<password> 

token:true 


Hit the service and generate the token. 


SDR apis 


Pass the bearer token generated in the initial step in the header when accessing the SDR 
apis. 


Example: Authorization:Bearer <Token> (Note: Reference taken as P26) 


Base uri : https://gateway.p26.eng.in03.qualys.com 


Header : Authorization:Bearer <Token> (generated at the start) 


HTTP method : GET 


Connector APIs 


API to get SaaS Connectors 


Get details of all connectors. 


sdr/api/v1/connectors 


[GET] 


Input Parameters 


Connector APIs 
API to get SaaS Connectors 


Name Description 

size The number of records per page to be included in the 

integer response. If pageSize is not specified in the request, 50 

(query) records will be fetched by default. The maximum value 
supported for pageSize is 200. 

page The page to be returned.default values is 0 

integer 

(query) 

Request: 


curl -k -X GET -H «token» -i "«Base uri»/sdr/api/v1/connectors" 


Response: 


("content":[("customerId":"4eaa64f9-771c-745e-810a- 
37d3£4c38a49","connectorType": "GSUITE", "id":2193,"name":"Gsuite 


pOl","description":null,"s 
Scan 


tate":"SUCCESS","config":null,"status":" 


Completed","emailld":"madhavi(8qualyssscgsdev.com","isEnabled":1,"i 


sPolicyEnabled":null,"upda 


tedBy":"sraj@qualys.com","createdBy":"sr 


aj@qualys.com", "accountConfig":"{\"saasSubscriptionId\":\"CO4kkbpr 
8\"}","firstScannedDate":"2021-09- 


29T09:35:202","lastScanned 


Date" :"2021-10- 


04T11:16:582","deleted":false}],"pageable":{"sort": {"unsorted": tru 
e, "sorted": false, "empty":true}, "pageSize":1,"pageNumber":0,"offset 


":0,"paged": true, "unpaged" 
alElements":6,"first":true 


:false},"last":false,"totalPages":6,"tot 
,"sort":{"unsorted":true, "sorted": false, 


"empty": true}, "numberOfElements":1,"size":1,"number":0,"empty":fal 


se} 
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API to get Connector Details 

Get details of a connector. 
sdr/api/v1/connectors/{connectorId}/scanners 
[GET] 


Input Parameters 


Name Description 

connectorld (Required) ID of the connector you want to fetch the 

integer details for. 

path) 

size The number of records per page to be included in the 

integer response. If size is not specified in the request, 50 

query) records will be fetched by default. The maximum value 
supported for size is 200. 

page The page to be returned.default values is 0. 

integer 

query) 

query Filter the response by providing a query using Qualys 

string QQL syntax. 

(query) 

Request: 


curl -k -X GET -H «token» -i "«Base uri>/sdr/api/v1/connectors/[connectorld)/scanners” 


Response: 


("content":[("scannerType":"ADMINUSER","status":"SUCCESS","firstSc 
annedDate":"2021-09-29T09:35:23Z","lastScannedDate":"2021-10- 
04T11:16:28Z2","parentEntityId":"COA4kkbpr8","errorText":null,"scanC 
ount":1,"customerId":null,"connectorId":null,"nextPageToken":null, 
"deltaPageToken":null,"scannerId":0,"scannerDefinitionId":2003,"re 
tryCount":0)],"pageable":("sort":("sorted":false,"unsorted":true," 
empty": true}, "pageNumber":0,"pageSize":1,"offset":0,"paged": true," 
unpaged": false},"totalElements":20,"last": false, "totalPages":20,"f 
irst":true, "sort": {"sorted": false, "unsorted": true, "empty":true},"n 
umberOfElements":1,"size":1,"number":0, "empty": false} 


10 


User APIs 
API to get all SaaS Users 


User APIs 


API to get all SaaS Users 


Get details of all SaaS users. 


sdr/api/v1/users 


[GET] 


Input Parameters 


Name Description 
size The number of records per page to be included in the 
integer response. If size is not specified in the request, 50 
query) records will be fetched by default. The maximum value 
supported for size is 200. 

page The page to be returned.default values is 0. 

integer 

query) 

query Filter the response by providing a query using Qualys 
string QQL syntax. 

query) 

Request: 


curl -k -X GET -H «token» -i "«Base un>/sdr/api/v1/users” 


Response: 


("content":[("customerId":"4eaa64f9-771c-745e-810a- 
37d3f£4c38a49","connector":("id":2245,"type":"OFFICE365"],"sourceId 
":"e919ba0f-2081-4758-9293- 
12fca58ecfle","version":1,"domain":"qualyssscmsdev.com","email":"n 
ewuser6ll@qualyssscmsdev.com","firstName":"611","lastName":"newuse 
r","fullName":"611 
newuser","username":"newuser611","nameAlias":"611 
newuser", "isSuspended":true, "entityType":"USER", "accessType":"Inte 
rnal","role":"USER","roles":[]}],"pageable": {"sort":{"unsorted":fa 
lse,"sorted":true, "empty":false}, "pageNumber":0,"pageSize":1,"offs 
et":0,"paged":true, "unpaged":false},"last":false, "totalPages":1524 
‚"totalElements":1524,"first":true, "sort": {"unsorted":false,"sorte 
d":true, "empty":false}, "numberOfElements":1,"size":1,"number":0,"e 
mpty":false} 


qq 
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API to get all SAAS Users Group 


Get details of all SaaS user groups. 
sdr/api/v1/groups 
[GET] 


Input Parameters 


Name Description 

size The number of records per page to be included in the 

integer response. If size is not specified in the request, 50 

(query) records will be fetched by default. The maximum value 
supported for size is 200. 

page The page to be returned.default values is 0. 

integer 

(query) 

query Filter the response by providing a query using Qualys 

string QQL syntax. 

(query) 

Request: 


curl -k -X GET -H «token» -i "<Base un>/sdr/api/v1/groups” 


Response: 


("content":[("customerId":"4eaa64f9-771c-745e-810a- 
37d3f£4c38a49","connector":("id":2192,"type":"SALESFORCE" 
d":"O0F90n0000000kbRCAQ","version":1,"domain":"post.0n- 


},"sourcel 


In43eae.cs67.chatter.sandbox.salesforce.com", "email": "0f90n0000000 


kbrcaq@post.On- 
1n43eae.cs67.chatter.sandbox.salesforce.com","name":"05. 
lias":"05.01","createdDate":"2021-01- 
05T04:01:262","lastUpdatedDate":"2021-04- 
07T03:00:272","aliases": "Private", "entityType": "CHATTER 
GROUP", "accessType": "Internal", "directMembersCount":3,"m 
"groupId":"0F90n0000000kbRCAQGpost.0n- 


[s 


01","nameA 


embers": [{ 


1n43eae.cs67.chatter.sandbox.salesforce.com", "role": "MEMBER", "enti 


tyType": "USER", "accessType": "Internal", "domain":"gmail.com", "userI 


d":"0050n000003EqkcAAC", "email": "testuser00012@gmail.com 


","fullNam 


e":"TestUser-0012 tu"j,("groupId":"OF90n0000000kbRCAQGpost.0n- 
1n43eae.cs67.chatter.sandbox.salesforce.com","role":"ADMIN","entit 


yType":"USER","accessType":"Internal","domain":"qualys.c 
d":"0050n000003Mg2eAAC","email":"srajG8qualys.com","fullN 
hir Raj"),í("groupId":"0F90n0000000kbRCAQGpost.0n- 


om", "userl 
ame":"Shis 


1n43eae.cs67.chatter.sandbox.salesforce.com","role":"MEMBER","enti 


tyType": "USER", "accessType":"Internal","domain":"qualys 


Td": "0050n000003Mg3wAAC", "email": "mjoshi@qualys.com", "fu 


12 


.com", "user 


llName":"T 


User APIs 
API to get all SAAS Users Group 


estUser-001 
tu"}]}],"pageable":{"sort":{"sorted": true, "unsorted":false, "empty" 
:false},"pageNumber":0,"pageSize":1,"offset":0,"paged": true, "unpag 
ed": false},"totalElements":241,"last":false,"totalPages":241,"firs 
t":true,"sort":{"sorted": true, "unsorted": false, "empty":false},"num 
berOfElements":1,"size":1,"number":0, "empty": false} 
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Resources APIs 


API to get all SaaS Documents 


Get details of all SaaS documents. 


sdr/api/v1/documents 


[GET] 


Input Parameters 


Resources APIs 
API to get all SaaS Documents 


Name Description 

size The number of records per page to be included in the 

integer response. If size is not specified in the request, 50 

query) records will be fetched by default. The maximum value 
supported for size is 200. 

page The page to be returned.default values is 0. 

integer 

query) 

query Filter the response by providing a query using Qualys 

string QQL syntax. 

query) 

Request: 


curl -k -X «GET» -H «token» -i "<Base uri»api/v1/documents" 


Response: 


("content":[("customerId":"4eaa64f9-771c-745e-810a- 


37d3f4c38a49","connector":("id":2192,"type":"SAL 


ESFORCE"), "s 


d":"0690n000000rJJIAA2","version":6,"entityType":"DOCUMENT", 
:"incr scan us3","nameAlias":"incr scan 
us3","type":"csv","size":1049587,"owner":("userId":"0050n000003Mg2 


eAAC","email":"sraj@qualys.com","fullName": 


Raj"j,"lastUpdatedDate":"2021-09- 

27T10:18:49Z2","createdDate":"2021-09- 
27T10:17:372","accessType":"Anyonewithlink", "webContentLink": "http 
s:\/\/qualys-- 


qlyssfengg.my.salesforce.com\/sfc\/p\/0n0000001N43\/a\/0n000 


"Shishir 


ourcel 
"name" 


0000HT 


mN/vAZfYfWa68XGH.RRZXOFD68UepRrTA4bOtIa0kyJuJ24","lastUpdatedBy":"s 


raj8qualys.com","externalDomains":"qualys.com","externalPerm 
unt":1,"isShared": true, "permissions": [{"sourceId":"06A0n0 


sCo 
u9il 


EAC","documentId":"0690n000000rJJIAA2","linked 


EntityType" 


ission 
00001G 
:"User 


","role":"reader","accessType":"Trusted","domain":"qualys.com","em 


ail":"testuser0002@qualys.com"}, {"SourceId":"05D0n0000000HTm 
umentId":"0690n000000rJJIAA2","linkedEntityType":"Anyonewithlin 


doc 


FAM" ; " 


k","role":"reader","accessType":"Anyonewithlink","domain":"anyonew 
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ithlink","email":"anyonewithlink"}]}],"pageable":{"sort":{"unsorte 
d":false,"sorted":true, "empty":false}, "pageNumber":0,"pageSize":l, 
"offset":0,"paged":true, "unpaged": false},"last": false, "totalPages" 
2:92220,"totalElements":92220,"first":true,"sort": {"unsorted": false 
,"sorted":true, "empty": false}, "numberOfElements":1,"size":1, "numbe 
r":0,"empty": false} 
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API to get all SaaS Applications 


Get details of all SaaS applications. 


sdr/api/v1/applications 


[GET] 


Input Parameters 


Name Description 

size The number of records per page to be included in the 

integer response. If size is not specified in the request, 50 

(query) records will be fetched by default. The maximum value 
supported for size is 200. 

page The page to be returned.default values is 0. 

integer 

(query) 

query Filter the response by providing a query using Qualys 

string QQL syntax. 

(query) 

Request: 


curl -k -X «GET» -H «token» -i "«Base uri»api/v1/applications" 


Response: 


("content":[("customerId":"4eaa64f9-771c-745e-810a- 
3743£f4c38a49","connector":{"id":2193,"type":"GSUITE"},"sourceld":" 
645529619299.apps.googleusercontent.com","version":1,"name":"Backu 
p and Sync from Google","nameAlias":"Backup and Sync from 
Google","isAnonymous":false,"scopes":"https: /NV/www.googleapis.com 
\/auth\/peopleapi.readonly, https:\/\/www.googleapis.com\/auth\/con 
tactstore.readonly,https:\/\/www.googleapis.com\/auth\/googletalk, 
https:\/\/www.googleapis.com\/auth\/drive","score":10,"priceModel" 
: "MONTHLY", "billingCycle":"MONTHLY", "isTrusted": false, "userCount": 
2,"exposure":"High", "users": [{"sourceId":"madhavi@qualyssscgsdev.c 
om", "appId":"645529619299.apps.googleusercontent.com", "domain":"qu 
alyssscgsdev.com","email":"madhavi@qualyssscgsdev.com"}]}],"pageab 
le": {"sort":{"sorted":true, "unsorted":false, "empty":false},"pageNu 
mber":0,"pageSize":1,"offset":0,"paged": true, "unpaged":false},"tot 
alElements":554,"last":false,"totalPages":554,"first":true," sort": 
("sorted":true,"unsorted":false,"empty":false],"numberOfElements": 
1,"size":1,"number":0,"empty": false} 
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API to get all SaaS Meetings 


Get details of all SaaS meetings. 


sdr/api/v1/meetings 


[GET] 


Input Parameters 


Resources APIs 


API to get all SaaS 


Name Description 

size The number of records per page to be included in the 

integer response. If size is not specified in the request, 50 

(query) records will be fetched by default. The maximum value 
supported for size is 200. 

page The page to be returned.default values is 0. 

integer 

(query) 

query Filter the response by providing a query using Qualys 

string QQL syntax. 

(query) 

Request: 


curl -k -X «GET» -H «token» -i "«Base uri»api/v1/meetings" 


Response: 


("content":[("customerId":"4eaa64f9-771c-745e-810a- 
3743£f4c38a49","connector":{"id":2190,"type":"ZOOM"},"sourceld":"FK 
A2RjHMSGOGvS7pKGPzPA$3D$3D","version":1,"meetingId":"96482845147", 
"hostUser":["userId":"usDAxUVlTg- 
MZWYSXsNAAA", "email":"mjoshi@qualyssscmsdev.com","fullName":"Madha 
vi Joshi","department":"SSC"},"name":"My Webinar incr scan 
27.09","nameAlias":"My Webinar incr scan 
27.09","entityType":"Webinar","type":"Scheduled","startedAt" 


-09- 


Meetings 


:"2021 


27T10:23:302","scheduledDuration":0,"accessType": "Internal", "parti 


cipantsCount":2,"participants":[("documentId":"FKA2 
ZPAS3DS3D", "LinkedEntityType": "USI 


nternal", "domain": "qualyssscmsdev.com", "userId": "usDAxUVLTg- 
MZWY5XsNAAA", "email":"mjoshi@qualyssscmsdev.com","fullName":"Madha 


Vi 


Joshi"}, {"documentId":"F 


Type":"US] 


ER", "role": "ATT 


KA2RjHMSGOGvS 7pKGPzPA%3 
ENDEE","accessType":"In 


ualyssscmsdev.com","userId" 
qQ","email":"vivekGqualyssscmsdev.com","fullName":"Vivek 
Baranwal"}],"recordingsCoun 
om.us\/rec\/share\/£0OYdJX-DCHxNGO4f4ajoR _3AUSRfOCKxqW7LTHnoCmC- 
VONOcw XIYtTNiu- 


:"IBBghd3IRhe0e4X0oP2]l 
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D%3D", "linked 


ay 
F= 
Di 


RjHMSGOGvS7pKGP 
ER","role":"HOST","accessType":"I 


Entity 


ternal","domain":"q 


t":2,"recordingsShareUrl":"https:\/\/zo 


Resources APIs 
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Jd9C.Or eM7ltDkt64Qgh","recordings":[í("id":"41b71bd1-a784-4cb2- 
a7c8- 
16fb017bd4cc","meetingUUID":"FKA2RjHMSGOGvS7pKGPzPA$3D$3D","starte 
dAt":"2021-09-27T10:23:312","endedAt":"2021-09- 
27T10:24:162","fileType":"MA4A","fileSize":702494,"playUrl":"https: 
\/\/zoom.us\/rec\/play\/dtIS1EoN3MowdoKzIA PsPP6Tqvt6D3- 
DaXXOFpJrKZTOAMxhmqAOfHp492DOzlydNW js37plEklYO9.1ugjikGo RC xZuG" 
,"downloadUrl":"https:\/\/zoom.us\/rec\/download\/dtISlLEoN3MowdoKz 
IA PsPP6Tqvt6D3- 
DaXXOFpJrKZTOAMxhmqAOfHp492DOzlydNW js37plEklYO9.1ugjikGo RC xZuG" 
‚"status":"completed","recordingType":"audio only"},{"id":"c212fa9 
8-18c5-4ac4-a5e0- 
133645045873", "meetingUuUID": "FKA2Rj]HMSGOGVS7pKGPzPA%3D%3D", "starte 
dAt":"2021-09-27T10:23:312","endedAt":"2021-09- 
27T10:24:162","fileType":"MP4","fileSize":811887,"playUrl":"https: 
\/\/zoom.us\/rec\/play\/NU20a32k_a-Uj1l1AkHbZ278VagO5ubV3-rUZB4- 
xxeESFswk5m9qY5cAPzjR T2pZnj01jjA30 OPvyJOr.TYw53f6N5Bwix- 
gM","downloadUrl":"https:\/\/zoom.us\/rec\/download\/NU20a32k_a- 
UjlAkHbZ78VagOb5ubV3-rUZB4- 
xxeESFswk5m9qY5cAPzjR T2pZ2nj01jjA30 OPvyJOr.TYw53f6N5Bwix- 
gM","status":"completed","recordingType":"shared screen with speak 
er view"}],"recordingSetting": {"accessType":"Public", "recordingAut 
hentication": false, "viewerDownload": true, "onDemand":false, "approva 
lType":0}}],"pageable":{"sort":{"unsorted": false, "sorted": true, "em 
pty":false}, "pageSize":1,"pageNumber":0,"offset":0,"paged":true, "u 
npaged":false}, "last":false, "totalPages":5,"totalElements":5,"firs 
t":true,"sort":{"unsorted":false,"sorted":true, "empty":false},"num 
berOfElements":1,"size":1,"number":0,"empty":false] 
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API to get all SaaS Reports 


Get details of all SaaS created reports. 


sdr/api/v1/reports 


[GET] 


Input Parameters 


Name Description 

size The number of records per page to be included in the 

integer response. If size is not specified in the request, 50 

(query) records will be fetched by default. The maximum value 
supported for size is 200. 

page The page to be returned.default values is 0. 

integer 

(query) 

query Filter the response by providing a query using Qualys 

string QQL syntax. 

(query) 

Request: 


curl -k -X «GET» -H «token» -i "«Base un>api/v1/reports" 


Response: 


("content":[("fileUuid":"2acd7710-21ad-11ec-8257- 
e93c62fJef27","reportName":"zoom custom 
csv","description":null,"fileFormat":"csv","status":"completed","t 
emplateTitle":"SDR Assessment Template","templateType":"DEFAULT"," 


templateName":"SDR Assessment Template","createdAt":"2021-09- 
30T05:13:37.000Z","expiresOn":"2021-10- 
07T05:13:37.000Z","config":{"saasApplication": {"key":"ZOOM", "value 
"s"Zoom"}, "connectors": [{"key":2190,"value":"Zoom 
pol"}],"policy":{"key":284,"value":"Zoom custom xr18 
29.09"j,"result":["Pass","Fail","Error"],"template":("key":"SDR As 
sessment Template","value":"SaaS Assessment 
Template"}},"createdBy": "quays xr18"J],"pageable":("sort":["sorted 
":false, "unsorted":true, "empty": true},"pageNumber":0,"pageSize":1, 
"offset":0,"paged": true, "unpaged": false}, "totalElements":8,"last": 
false, "totalPages":8,"first":true,"sort":{"sorted": false, "unsorted 
"strue, "empty":true}, "numberOfElements":1,"size":1,"number":0, "emp 
ty":false} 
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Resources APIs 
API to download Reports Result 


API to download Reports Result 
Get details of all SaaS reports results. 
sdr/api/v1/report/download/{fileUuid} 

[GET] 


Input Parameters 


Name Description 

fileUuid * (Required) File ID of the Reports you want to download 
integer report result. 

(path) 

Request: 


curl -k -X GET -H «token» -i "<Base uri»/sdr/api/v1/report/download/(fileUuid]" 


Response: 


Report will be downloaded. 
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Policy APIs 


API to get all SAAS Policy 


Get details of all policies. 


sdr/api/v1/policy 


[GET] 


Input Parameters 


Policy APIs 
API to get all SAAS Policy 


Name Description 

size The number of records per page to be included in the 

integer response. If size is not specified in the request, 50 

(query) records will be fetched by default. The maximum value 
supported for size is 200. 

page The page to be returned.default values is 0. 

integer 

(query) 

Request: 


curl -k -X GET -H «token» -i "<Base uri>/sdr/api/v1/policy” 


Response: 


("content":[("id":61,"connectorType":"SALESFORCE","name":"Salesfor 


ce Best Practices","description":"This policy provides 
prescriptive guidance for configuring security options for a 
subset of Salesforc Services with an emphasis on foundational, 


testable, and architecture agnostic 


settings.","version":"v1.4.0","type":"System 


Defined","scope":["Identity 
management"],"isSystemCreated": true, "creat 


dDate":"2021-01- 


08T07:19:12Z2","updatedDate":"2021-07- 


22T12:22:052","createdBy": "SYSTEM", "updatedBy": "SYSTEM", "controlCo 
unt":33,"controls"Uz["70139","70134","70135'","70L360',;"TOTL23 77; "70138 
mL7UT0139", "10T27", 701287, 70129", "70130", 70131"; 70132", 170140"; 
"I0T141","70142"7,"70143","70144","70145", "701406", "70147", "70148", "7 
0149m "T0150, 70151 7," 70152' 7,  TOT53", LOLA 1 70T55',."70156T; "770 
57","70158","70159"],"customerId":null,"connectors":[("customerId" 


:"4eaa64£9-771c-745e-810a- 


37d3£4c38a49","connectorType": "SALESFORCE" 


,"id":2192,"name":"sfdc 


pOl","description":null,"state":"SUCCESS","config":null,"status":" 


Scan 
Completed", "emailId":"sraj@qualys.com","is 


Enabled":1,"isPolicyEnab 


led":1,"updatedBy":"sraj@qualys.com", "crea 


tedBy":"sraj@qualys.com" 


,"accountConfig":"{\"saasSubscriptionId\":\"00D0n0000001N43\"}","f 
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Policy APIs 
API to get all SAAS Policy 


irstScannedDate":"2021-09-29T09:32:242","lastScannedDate":"2021- 
10- 
04T10:47:472","deleted":false}]}],"pageable":{"sort":{"unsorted":t 
rue, "sorted":false, "empty":true}, "pageSize":1,"pageNumber":0,"offs 
et":0,"paged":true,"unpaged":false],"last":false,"totalPages":10," 
totalElements":10,"first":true, "sort": {"unsorted":true,"sorted":fa 
lse, "empty": true}, "numberOfElements":1,"size":1,"number":0,"empty" 
:false} 
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Policy APIs 
API to get all SAAS Policy Detail 


API to get all SAAS Policy Detail 


Get details of all policies. 


sdr/api/v1/policy/{policyId} 


[GET] 


Input Parameters 


Name Description 

id* (Required) ID of the Pollicy you want to fetch the details 
integer for. 

(path) 

Request: 


curl -k -X GET -H «token» -i "«Base un>/sdr/api/v1/policy/{policyld}” 


Response: 


("content":[("id":61,"connectorType":"SALESFORCE","name":"Salesfor 
ce Best Practices","description":"This policy provides 
prescriptive guidance for configuring security options for a 
subset of Salesforc Services with an emphasis on foundational, 
testable, and architecture agnostic 
settings.","version":"v1.4.0","type":"System 
Defined","scope":["Identity 
management"],"isSystemCreated":true,"createdDate":"2021-01- 
08T07:19:122","updatedDate":"2021-07- 
22T12:22:052","createdBy":"SYSTEM", "updatedBy": "SYSTEM", "controlCo 
unt'"i33;"controls"s['70133'",' 70134".'70135"," 70136 ', 70137", "*501:38 
Wo POLSON POLAT "40128" 701299 13101307, "7013177 T 70T32T, 7 OLA 08", 
"TOYA1", 170142", 70 T4371 701247, 1 701457, 70146" 711 701477," 70154877, 177 
01497, 70150, *70151",7 70152" ,'"70153' , "10154", 10155" "70156, "TOT 
57","70158","70159"] ,"customerId":null, "connectors": [{"customerId" 
:"4eaa64£9-771c-745e-810a- 
37d3£4c38a49","connectorType": "SALESFORCE", "id":2192,"name":"sfdc 
pOl","description":null,"state":"SUCCESS","config":null,"status":" 
Scan 

Completed", "emailld":"sraj@qualys.com", "isEnabled":1,"isPolicyEnab 
led":1,"updatedBy":"sraj@qualys.com", "createdBy":"sraj@qualys.com" 
,"accountConfig":"{\"saasSubscriptionId\":\"00D0n0000001N43\"}","f 
irstScannedDate":"2021-09-29T09:32:242","lastScannedDate":"2021- 
10- 
04T10:47:472","deleted":false}]}],"pageable":{"sort":{"unsorted":t 
rue, "sorted":false, "empty":true}, "pageSize":1,"pageNumber":0,"offs 
et":0,"paged":true,"unpaged":false],"last":false,"totalPages":10," 
totalElements":10,"first":true, "sort": {"unsorted":true,"sorted":fa 
lse, "empty": true}, "numberOfElements":1,"size":1,"number":0,"empty" 
:false} 
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